Kaseya, a Florida-based software management firm, reported an attack on its systems on July 2, the latest of some 200 companies that have been compromised with ransomware, according to security firm Huntress.
“We’re not sure if it’s the Russians,” Biden said on July 3 in response to a question from a reporter.
The president said he “got a brief as I was on the plane and that’s why I was late” getting off the plane.
“I’ll be in better shape to talk to you about it—hang on a second,” the president said as he reached into his pocket to pull out a notecard.
“I’ll tell you what they sent me, OK?” the president said. “First of all, we’re not sure who it is for certain, No. 1.
“And the fact is that I directed the intelligence community to give me a deep dive on what’s happened, and I’ll know better tomorrow. And if it is, either with the knowledge of and/or a consequence of Russia, then I told Putin we will respond.”
Asked if has spoken with Russian President Vladimir Putin about the hack, Biden said he hasn’t.
“I haven’t called because we’re not certain. And the initial thinking was it was not the Russian government, but we’re not sure yet,” Biden said.
Kaseya stated on July 2 that its VSA software was the “victim of a sophisticated cyberattack.”
“We are in the process of investigating the root cause of the incident with an abundance of caution but we recommend that you IMMEDIATELY shut down your VSA server until you receive further notice from us,” a July 2 notice to customers stated. “It’s critical that you do this immediately because one of the first things the attacker does is shut off administrative access to the VSA.”
In an update emailed to The Epoch Times, the firm stated, “Due to our team’s fast response, we believe that this has been localized to a very small number of on-premises customers only.”
The company said it’s been advised that they shouldn’t click on any links in communications sent by the attackers because they may be “weaponized.”
The U.S. Cybersecurity and Infrastructure Security Agency stated on July 2 that it “is taking action to understand and address the supply-chain ransomware attack against Kaseya,” and several managed service providers that use the company’s software.
The FBI is involved in the investigation, according to Kaseya.